About 1 percent of email traffic, which totals about 3 billion emails per day, is made up of phishing attack schemes. Multiply that number by the average cost of a data breach, which IBM reports is $4.45 million, and you will understand why email security is such a vital service to offer your customers.
Doesn’t All Antivirus Provide Email Security?
There are two primary methods of stopping malware delivered via email. The first is at the endpoint with an antivirus/antimalware/endpoint security solution. While these solutions can prevent the execution of malicious code (by scanning email attachments and monitoring embedded hyperlinks), an important consideration is that, at that point, something bad has already made it into the network at the endpoint. The second form of protection is an email security solution that monitors all incoming (and even outgoing) emails for malicious payloads and links, taking a quarantine action before anything bad ever reaches the endpoint.
Previously, XaaS Journal compared a few different endpoint security products. In this comparison, we’ll look at email security solutions from Avast, Barracuda, Bitdefender, and VIPRE, which address email security before the endpoint.
Core Functionality, Pricing
We asked each vendor to explain how their software functions, what platforms are supported, and how pricing is structured.
Avast Email Security is a cloud-based solution that works with hosted Exchange or on-premises, as well as IMAP/POP3 email. All incoming mail is directed through Avast’s cloud security network and data centers, where the company scans email for spam, viruses, phishing, and other attacks. Suspicious email is held in quarantine in Avast’s network, where it is analyzed. Users receive a report including the recently blocked emails and can view the quarantined ones in real time. Clean email is automatically forwarded to the server for delivery.
Avast offers a pay-as-you-go model so MSPs can adopt the email security service without long-term contracts or commitments. The service can be turned on or off as needed. Additionally, there is no minimum commitment. The options within the Email Security act as “a la carte” services of Antispam, Archiving, and Email Encryption so businesses can mix and match as needed.
Bitdefender GravityZone Security for Email protects all email service providers and supports hybrid environments using Microsoft Exchange Server (on-premises), Microsoft Exchange Online, Microsoft 365, or Google Gmail. Security for Exchange scans Email traffic in real-time as it passes through Microsoft Exchange servers using transport agents before it reaches intended recipients’ mailboxes. Bitdefender GravityZone Security for Email is independent of a mail server and deploys by modifying the MX record to integrate with any email server an organization uses. The process is similar to a gateway deployment, in which all incoming and outgoing emails are routed through the Bitdefender email service in the cloud. The integration is seamless with cloud-based email servers like Microsoft 365, Exchange Online, or Gmail. Bitdefender Security for Exchange and Security for Email service provides comprehensive security features, including antimalware, antispam, antiphishing, attachment, and content filtering. Pricing is based on the number of protected mailboxes; there is no minimum commitment.
Barracuda Email Protection is a cloud-based solution for organizations that want to protect their businesses, brands, and people against the most advanced email-borne threats. Barracuda Email Protection is a comprehensive, easy-to-use solution that delivers gateway defense, AI-based impersonation and phishing protection, incident response, data protection, and compliance capabilities.
VIPRE Email Security Cloud is a cloud-based solution that can protect Microsoft Outlook, Lotus Notes, Office 365, and Google Apps. Email is scanned before the endpoint twice. Once at the beginning of the email journey and again after additional machine learning and image analysis. Pricing is per mailbox (not disclosed), with a one-year commitment.
Solutions include features that specifically protect users from phishing:
Antiphishing protection is included in Bitdefender GravityZone Security for Email. Inbound email redirected through the solution undergoes connection and message filtering, where it’s checked for malware, spam, spoofing and evaluated against threat intelligence and other factors, then quarantined or, if safe, forwarded to the company’s mail server.
Barracuda Email Protection defends against business email compromise, account takeover, spear phishing, and other personalized attacks by combining email gateway with direct API integration into your Office 365 environment. This integration provides visibility into the internal, external, and historical email communication used in training machine learning models to identify phishing and other advanced threats. Barracuda’s AI will identify and block attacks in real time without impacting email or network performance.
When asked about its phishing protection, Avast reported that the functionality exists and suspicious email is held in quarantine.
The VIPRE Email Security Cloud offering includes automatic bad URL detection and defense against links becoming weaponized after they pass through spam and virus filters. It also provides click-time protection for links embedded in emails. Original URLs embedded in an email are replaced with a temporary one that is revalidated when the user clicks on it to ensure that the target site is not malicious. This click-time re-validation helps to ensure that users don’t intentionally or accidentally attempt to visit places that could steal their data, corrupt their machines, or invade their privacy.
Because distracted users may accidentally click a link or a sophisticated phishing scheme may convince users to click, email security is designed to detect malicious links and mitigate this threat.
Bitdefender’s solution filters out and quarantines messages that contain malware, spam, malicious URLs, and other factors based on custom rules.
Barracuda Email Protection also includes Link Protection. A common method attackers use to deliver malware relies on URLs containing malicious code, which can be invisibly downloaded and trigger a much larger attack. Link Protection automatically rewrites these URLs so that Barracuda Email Protection can sandbox the malicious request and block the link.
Avast shared that malicious links are analyzed and quarantined.
As reported above, VIPRE’s phishing features provide click-time protection that validates links and protects users.
Email security solutions also address threats from malware:
Bitdefender takes a multi-layer approach, using signature and behavior-based antivirus and antispam to detect all types of threats, including zero-day variants.
Barracuda Email Protection leverages the cloud for dynamic, real-time threat analysis, attachment sandboxing, and URL protection to prevent malware from affecting email users.
VIPRE Email Security addresses malware before the endpoint with scanning technology, behavioral analysis, and URL rewriting. Malware protection is picked up again at the endpoint after the email pipeline of security is complete. VIPRE also offers attachment threat protection to safeguard email attachments from malicious and zero-day threats and in-transit encryption to protect confidential emails and attachments.
Avast again reported that malware protection exists and suspicious email is held in quarantine.
Filtering spam can lead to greater productivity and security. Email security solutions with spam protection include:
With Bitdefender, incoming email is automatically filtered for spam using a multi-layered spam detection filter, local signatures, URL database filter, heuristic filter, and RBL lists. Antispam protection can also be configured for outbound email traffic (more on that in the next section). Trusted email addresses or domains can be whitelisted. The solution integrates with Microsoft Exchange SCL.
Barracuda quickly filters and sanitizes every email before it’s delivered to your mail server to protect you from email-borne threats. Using virus scanning, spam scoring, real-time intent analysis, URL link protection, reputation checks, and other techniques, Barracuda provides you with the best possible level of protection. Barracuda Central, a global 24×7 threat operations center, constantly monitors the internet for new threats across all attack vectors and feeds this intelligence into email filtering technology.
VIPRE Email Security uses an antispam engine that identifies and quarantines spam at a 99.9 percent efficiency rate, according to the company.
Encryption, Outbound Email Protection
Today, it’s essential to protect your customers from inbound threats and prevent outbound threats that can risk their domain being placed on a block list.
Avast Business Encrypted Email is a cloud-based email security service that automatically encrypts all outbound emails sent through its customer’s network. Through its inbox-to-inbox communication, sender-recipient authentication is not required, and users do not need to build and maintain their own encryption keys. Customers can set policy rules that identify sensitive content and automatically encrypt emails to meet defined criteria.
Bitdefender’s email security solution includes TLS/opportunistic TLS, enforcing TLS encryption, and restricting communication with other email servers that do not support TLS protocol.
Barracuda Email Protection secures mail by encrypting it during transport to the Barracuda Message Center, encrypting it at rest for storage in the cloud, and providing secure retrieval by recipients through HTTPS web access. Data in motion is secured via Transport Layer Security (TLS), and data at rest is secured via AES 256-bit encryption.
Sensitive emails can be marked manually for encryption. However, creating a policy to automatically encrypt emails based on their sender, content, and other criteria is also possible. Encryption policies ensure organizations comply with regulations designed to protect customer data, such as HIPAA. Finally, using a subset of its defense layers, Barracuda Email Protection outbound filtering stops outbound spam and viruses.
As part of VIPRE’s upcoming May update, the company reports that its email security solution will leverage encrypted point-to-point data transmission and a secure user portal to ensure that only the right users get the right message every time.
Email security solutions with archiving functionality include:
GravityZone Email Security log data is archived automatically after 90 days and can be downloaded from the console for the next 12 months.
Avast Business Email Archive is a secure cloud-based solution that integrates seamlessly with your customers’ existing email infrastructure. It automatically routes all incoming, outgoing, and internal emails through the Avast Business Email Archive gateway so every message can be safely stored, searched for, and recovered to individual desktops.
Barracuda Email Protection provides a cloud-based archive of all email communication. It follows the accepted “best practice” approach for compliance by archiving an original copy of every email into a separate immutable store for long-term retention and preservation.
Compliance and eDiscovery capabilities provided within Office 365 may be adequate for some organizations. Still, Microsoft’s “in-place” approach for long-term email retention and preservation means these capabilities have inherent limitations. They can be complex and expensive to operate and are unlikely to meet the needs of organizations with more demanding compliance and discovery requirements.
Barracuda’s solution includes a cloud-based, indexed archive separate from Microsoft 365 that allows for granular retention policies, extensive search, auditing, permissions, legal hold, and export of emails that may be required in eDiscovery. Litigation holds preserve email from being tampered with until the litigation hold expires or is removed.
VIPRE’s April 2020 update includes email archiving with custom management rules that are fully indexed and searchable. Archiving includes unlimited storage of every email message sent to or from an organization, allowing customers to easily track down precisely what was said in business conversations from years ago.
As with all our comparisons, we can’t choose which product is best for you. It’s clear, however, that each vendor we covered has put a lot of effort into their solutions. Since criminals are constantly refining their strategies, we know these products will continue to evolve. We plan to update this comparison as new features are released. We also plan to expand the field to the other vendors who could not make our deadline.